Details of VAR-201505-0274

ID

VAR-201505-0274

CVE

CVE-2014-8361

TITLE

Multiple vulnerabilities in multiple ELECOM products

Trust: 0.8

sources: JVNDB: JVNDB-2021-000008

DESCRIPTION

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. The following multiple vulnerabilities exist in multiple products provided by ELECOM CORPORATION. ・ Inadequate access restrictions (CWE-284) - CVE-2021-20643 -Script injection on the management screen (CWE-74) - CVE-2021-20644 ・ Retractable cross-site scripting (CWE-79) - CVE-2021-20645 ・ Cross-site request forgery (CWE-352) - CVE-2021-20646, CVE-2021-20647, CVE-2021-20650 ・ OS Command injection (CWE-78) - CVE-2021-20648 -Insufficient verification of server certificate (CWE-295) - CVE-2021-20649 ・ UPnP Via OS Command injection (CWE-78) - CVE-2014-8361 CVE-2021-20643 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Institute of Information Security Yuasa Laboratory Nagakawa ( Ishibashi ) Australia Mr CVE-2021-20644 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Sato Rei Mr CVE-2021-20645, CVE-2021-20646 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Mitsui Bussan Secure Direction Co., Ltd. Tetsuyuki Ogawa Mr CVE-2021-20647, CVE-2021-20648, CVE-2021-20649 These vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Satoru Nagaoka Mr CVE-2021-20650 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Hiroshi Watanabe Mr CVE-2014-8361 The following person indicates that the product is vulnerable to IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Satoru Nagaoka Mr., National Institute of Information and Communications Technology Makita Daisuke Mr., National Institute of Information and Communications Technology Woods Yoshiki MrThe expected impact depends on each vulnerability, but it may be affected as follows. -The management password of the product is changed by processing the request crafted by a remote third party. - CVE-2021-20643 ・ Crafted SSID Is displayed on the management screen, and any script is executed on the user's web browser. - CVE-2021-20644 -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2021-20645 -When a user logged in to the management screen of the product accesses a specially crafted page, an arbitrary request is executed, and as a result, the settings of the product are changed unintentionally. telnet Daemon is started - CVE-2021-20646, CVE-2021-20647, CVE-2021-20650 ・ Any third party who can access the product OS Command is executed - CVE-2021-20648 ・ Man-in-the-middle attack (man-in-the-middle attack) The communication response has been tampered with, resulting in arbitrary in the product. OS Command is executed - CVE-2021-20649 ・ With the product UPnP Is valid, any by a third party who has access to the product OS Command is executed - CVE-2014-8361. Provided by Buffalo Co., Ltd. WSR-300HP is wireless LAN It's a router. Authentication is not required to exploit this vulnerability.The specific flaw exists within the miniigd SOAP service. The issue lies in the handling of the NewInternalClient requests due to a failure to sanitize user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Failed exploit attempts will result in a denial-of-service condition. Realtek SDK is a set of SDK development kit developed by Realtek

Trust: 4.14

sources: NVD: CVE-2014-8361 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // ZDI: ZDI-15-155 // BID: 74330 // VULHUB: VHN-76306 // VULMON: CVE-2014-8361

AFFECTED PRODUCTS

vendor:	aterm	model:	w1200ex	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	aterm	model:	wg1200hp	scope:	eq	version:	*	Trust: 1.0
vendor:	aterm	model:	wf800hp	scope:	eq	version:	*	Trust: 1.0
vendor:	dlink	model:	dir-615	scope:	lte	version:	6.06b03	Trust: 1.0
vendor:	aterm	model:	wf300hp2	scope:	eq	version:	*	Trust: 1.0
vendor:	dlink	model:	dir-600l	scope:	lte	version:	1.15	Trust: 1.0
vendor:	aterm	model:	wg1200hs2	scope:	lte	version:	2.5.0	Trust: 1.0
vendor:	aterm	model:	w300p	scope:	eq	version:	*	Trust: 1.0
vendor:	dlink	model:	dir-605l	scope:	lte	version:	1.14b06	Trust: 1.0
vendor:	dlink	model:	dir-605l	scope:	lte	version:	3.03b07	Trust: 1.0
vendor:	aterm	model:	wg1900hp2	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	dlink	model:	dir-905l	scope:	lte	version:	2.05b01	Trust: 1.0
vendor:	realtek	model:	sdk	scope:	eq	version:	-	Trust: 1.0
vendor:	dlink	model:	dir-619l	scope:	lte	version:	2.07b02	Trust: 1.0
vendor:	dlink	model:	dir-615	scope:	eq	version:	10.01b02	Trust: 1.0
vendor:	aterm	model:	wg1800hp4	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	dlink	model:	dir-619l	scope:	lte	version:	1.15	Trust: 1.0
vendor:	aterm	model:	wg1200hp3	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	dlink	model:	dir-501	scope:	lte	version:	1.01b04	Trust: 1.0
vendor:	aterm	model:	w1200ex-ms	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	dlink	model:	dir-515	scope:	lte	version:	1.01b04	Trust: 1.0
vendor:	aterm	model:	wg1200hp2	scope:	lte	version:	2.5.0	Trust: 1.0
vendor:	dlink	model:	dir-809	scope:	lte	version:	1.04b02	Trust: 1.0
vendor:	aterm	model:	wg1900hp	scope:	lte	version:	2.5.1	Trust: 1.0
vendor:	aterm	model:	wr8165n	scope:	eq	version:	*	Trust: 1.0
vendor:	dlink	model:	dir-605l	scope:	lte	version:	2.07b02	Trust: 1.0
vendor:	aterm	model:	wg1800hp3	scope:	lte	version:	1.5.1	Trust: 1.0
vendor:	dlink	model:	dir-600l	scope:	lte	version:	2.056b06	Trust: 1.0
vendor:	aterm	model:	wg1200hs	scope:	eq	version:	*	Trust: 1.0
vendor:	aterm	model:	w500p	scope:	eq	version:	*	Trust: 1.0
vendor:	elecom	model:	ld-ps/u1	scope:	eq	version:	(cve-2021-20643)	Trust: 0.8
vendor:	elecom	model:	ncc-ewf100rmwh2	scope:	eq	version:	(cve-2021-20650)	Trust: 0.8
vendor:	elecom	model:	wrc-1467ghbk-a	scope:	eq	version:	(cve-2021-20644)	Trust: 0.8
vendor:	elecom	model:	wrc-300febk	scope:	eq	version:	(cve-2014-8361)	Trust: 0.8
vendor:	elecom	model:	wrc-300febk-a	scope:	eq	version:	(cve-2021-20645, cve-2021-20646)	Trust: 0.8
vendor:	elecom	model:	wrc-300febk-s	scope:	eq	version:	(cve-2021-20647, cve-2021-20648, cve-2021-20649, cve-2014-8361)	Trust: 0.8
vendor:	elecom	model:	wrc-f300nf	scope:	eq	version:	(cve-2014-8361)	Trust: 0.8
vendor:	d link	model:	dir-600l	scope:	lte	version:	a1 ( firmware 1.15 )	Trust: 0.8
vendor:	d link	model:	dir-600l	scope:	lte	version:	b1 ( firmware 2.056b06 )	Trust: 0.8
vendor:	d link	model:	dir-600l	scope:	lte	version:	1.15	Trust: 0.8
vendor:	d link	model:	dir-600l	scope:	lte	version:	2.056b06	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	a1 ( firmware 1.14b06 )	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	bx ( firmware 2.07b02 )	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	c1 ( firmware 3.03b07 )	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	1.14b06	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	2.07b02	Trust: 0.8
vendor:	d link	model:	dir-605l	scope:	lte	version:	3.03b07	Trust: 0.8
vendor:	d link	model:	dir-619l	scope:	lte	version:	a1 ( firmware 1.15 )	Trust: 0.8
vendor:	d link	model:	dir-619l	scope:	lte	version:	b1 ( firmware 2.07b02 )	Trust: 0.8
vendor:	d link	model:	dir-619l	scope:	lte	version:	1.15	Trust: 0.8
vendor:	d link	model:	dir-619l	scope:	lte	version:	2.07b02	Trust: 0.8
vendor:	d link	model:	dir-809	scope:	lte	version:	a1 ( firmware 1.04b02 )	Trust: 0.8
vendor:	d link	model:	dir-809	scope:	lte	version:	a2 ( firmware 1.04b02 )	Trust: 0.8
vendor:	d link	model:	dir-809	scope:	lte	version:	1.04b02	Trust: 0.8
vendor:	d link	model:	dir-900l	scope:	lte	version:	a1 ( firmware 1.14b02 )	Trust: 0.8
vendor:	d link	model:	dir-900l	scope:	lte	version:	1.14b02	Trust: 0.8
vendor:	realtek semiconductor corp	model:	sdk	scope:	-	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-300hp	scope:	eq	version:	-	Trust: 0.8
vendor:	バッファロー	model:	wsr-300hp	scope:	lte	version:	firmware 2.30 and earlier	Trust: 0.8
vendor:	realtek	model:	rtl81xx sdk	scope:	-	version:	-	Trust: 0.7
vendor:	d link	model:	dir-600l	scope:	eq	version:	1.15	Trust: 0.6
vendor:	d link	model:	dir-600l	scope:	eq	version:	2.05	Trust: 0.6
vendor:	d link	model:	dir-905l	scope:	eq	version:	1.02	Trust: 0.6
vendor:	d link	model:	dir-605l	scope:	eq	version:	1.13	Trust: 0.6
vendor:	d link	model:	dir-605l	scope:	eq	version:	2.04	Trust: 0.6

sources: ZDI: ZDI-15-155 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // CNNVD: CNNVD-201504-581 // NVD: CVE-2014-8361

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2021-000008
value:	MEDIUM
Trust: 4.8
nvd@nist.gov:	CVE-2014-8361
value:	CRITICAL
Trust: 1.0
IPA:	JVNDB-2021-000008
value:	HIGH
Trust: 0.8
NVD:	CVE-2014-8361
value:	HIGH
Trust: 0.8
IPA:	JVNDB-2017-000194
value:	HIGH
Trust: 0.8
ZDI:	CVE-2014-8361
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-201504-581
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-76306
value:	HIGH
Trust: 0.1
VULMON:	CVE-2014-8361
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-8361
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.6
IPA:	JVNDB-2021-000008
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	LOW
baseScore:	2.6
vectorString:	AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	MEDIUM
baseScore:	5.2
vectorString:	AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2021-000008
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
IPA:	JVNDB-2017-000194
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-76306
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2014-8361
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
IPA:	JVNDB-2021-000008
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	5.2
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2021-000008
baseSeverity:	MEDIUM
baseScore:	4.8
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA:	JVNDB-2017-000194
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZDI: ZDI-15-155 // VULHUB: VHN-76306 // VULMON: CVE-2014-8361 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // CNNVD: CNNVD-201504-581 // NVD: CVE-2014-8361

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9
problemtype:	CWE-78	Trust: 0.8
problemtype:	CWE-Other	Trust: 0.8
problemtype:	CWE-79	Trust: 0.8
problemtype:	CWE-352	Trust: 0.8
problemtype:	CWE-264	Trust: 0.8
problemtype:	Code injection (CWE-94) [IPA evaluation ]	Trust: 0.8

sources: VULHUB: VHN-76306 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // NVD: CVE-2014-8361

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201504-581

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201504-581

CONFIGURATIONS

sources: JVNDB: JVNDB-2021-000008

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-76306 // VULMON: CVE-2014-8361

PATCH

title:	無線LANルーターなどネットワーク製品の一部における脆弱性に関して	url:	https://www.elecom.co.jp/news/security/20210126-01/	Trust: 0.8
title:	RTL81xx	url:	http://www.realtek.com/search/default.aspx?keyword=RTL81	Trust: 0.8
title:	SAP10055	url:	http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055	Trust: 0.8
title:	WSR-300HP Arbitrary Code Execution Vulnerability in	url:	http://buffalo.jp/support_s/s20170804_2.html	Trust: 0.8
title:	This vulnerability is being disclosed publicly without a patch in accordance with the ZDI vulnerability disclosure policy on lack of vendor response.Vendor Contact Timeline:08/13/2014 - ZDI wrote to vendor requesting contact and PGP09/04/2014 - ZDI wrote to vendor requesting contact and PGP09/29/2014 - ZDI wrote to vendor requesting contact and PGP10/22/2014 - ZDI wrote to vendor requesting contact and PGP, indicated "final" email attempt and informed of intent to 0-day04/24/2015 - Public release of advisory-- Mitigation:Given the stated purpose of Realtek SDK, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the service to trusted machines. Only the clients and servers that have a legitimate procedural relationship with products using Realtek SDK service should be permitted to communicate with it. This could be accomplished in a number of ways, most notably with firewall rules/whitelisting. These features are available in the native Windows Firewall, as described in and numerous other Microsoft Knowledge Base articles.	url:	http://technet.microsoft.com/en-us/library/cc725770%28WS.10%29.aspx	Trust: 0.7
title:	Realtek SDK miniigd SOAP Fixes for service remote code execution vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96763	Trust: 0.6
title:	-	url:	https://github.com/xuguowong/Mirai-MAL	Trust: 0.1
title:	api.greynoise.io	url:	https://github.com/GreyNoise-Intelligence/api.greynoise.io	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/keksec-simps-botnet-gaming-ddos/166306/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/gafgyt-botnet-ddos-mirai/165424/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/valve-source-engine-fortnite-servers-crippled-by-gafgyt-variant/149719/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/new-mirai-samples-grow-the-number-of-processors-targets/143566/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/huawei-router-default-credential/140234/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/router-crapfest-malware-author-builds-18-000-strong-botnet-in-a-day/	Trust: 0.1
title:	Securelist	url:	https://securelist.com/threat-landscape-for-industrial-automation-systems-in-h2-2017/85053/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/new-jenx-iot-ddos-botnet-offered-part-of-gaming-server-rental-scheme/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/jenx-botnet-has-grand-theft-auto-hook/129759/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/satori-author-linked-to-new-mirai-variant-masuta/129640/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/satori-botnet-is-now-attacking-ethereum-mining-rigs/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/code-used-in-zero-day-huawei-router-attack-made-public/129260/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/amateur-hacker-behind-satori-botnet/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/unpatched-router-vulnerability-could-lead-to-code-execution/112524/	Trust: 0.1

sources: ZDI: ZDI-15-155 // VULMON: CVE-2014-8361 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // CNNVD: CNNVD-201504-581

EXTERNAL IDS

db:	NVD	id:	CVE-2014-8361	Trust: 6.0
db:	ZDI	id:	ZDI-15-155	Trust: 3.6
db:	JVN	id:	JVN47580234	Trust: 2.6
db:	BID	id:	74330	Trust: 2.1
db:	DLINK	id:	SAP10055	Trust: 2.1
db:	JVN	id:	JVN67456944	Trust: 1.8
db:	EXPLOIT-DB	id:	37169	Trust: 1.8
db:	PACKETSTORM	id:	132090	Trust: 1.8
db:	JVNDB	id:	JVNDB-2021-000008	Trust: 1.4
db:	JVNDB	id:	JVNDB-2014-008039	Trust: 0.8
db:	JVN	id:	JVN74871939	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-000194	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2435	Trust: 0.7
db:	CNNVD	id:	CNNVD-201504-581	Trust: 0.7
db:	JVNDB	id:	JVNDB-2021-000028	Trust: 0.6
db:	SEEBUG	id:	SSVID-97587	Trust: 0.1
db:	VULHUB	id:	VHN-76306	Trust: 0.1
db:	VULMON	id:	CVE-2014-8361	Trust: 0.1

sources: ZDI: ZDI-15-155 // VULHUB: VHN-76306 // VULMON: CVE-2014-8361 // BID: 74330 // JVNDB: JVNDB-2021-000008 // JVNDB: JVNDB-2014-008039 // JVNDB: JVNDB-2017-000194 // CNNVD: CNNVD-201504-581 // NVD: CVE-2014-8361

REFERENCES

url:	http://www.zerodayinitiative.com/advisories/zdi-15-155/	Trust: 2.9
url:	http://securityadvisories.dlink.com/security/publication.aspx?name=sap10055	Trust: 2.1
url:	https://www.exploit-db.com/exploits/37169/	Trust: 1.9
url:	http://www.securityfocus.com/bid/74330	Trust: 1.8
url:	http://jvn.jp/en/jp/jvn47580234/index.html	Trust: 1.8
url:	http://jvn.jp/en/jp/jvn67456944/index.html	Trust: 1.8
url:	http://packetstormsecurity.com/files/132090/realtek-sdk-miniigd-upnp-soap-command-execution.html	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8361	Trust: 1.6
url:	https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/	Trust: 1.1
url:	https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=sap10055	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20649	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20650	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20643	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20644	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20645	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20646	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20647	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-20648	Trust: 0.8
url:	https://jvn.jp/jp/jvn47580234/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8361	Trust: 0.8
url:	https://jvn.jp/jp/jvn74871939/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2014-8361	Trust: 0.8
url:	https://www.cisa.gov/known-exploited-vulnerabilities-catalog	Trust: 0.8
url:	http://technet.microsoft.com/en-us/library/cc725770%28ws.10%29.aspx	Trust: 0.7
url:	https://jvndb.jvn.jp/en/contents/2021/jvndb-2021-000028.html	Trust: 0.6
url:	https://jvndb.jvn.jp/en/contents/2021/jvndb-2021-000008.html	Trust: 0.6
url:	http://www.realtek.com.tw/contact/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=41532	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/keksec-simps-botnet-gaming-ddos/166306/	Trust: 0.1

CREDITS

Ricky "HeadlessZeke" Lawshae

Trust: 1.6

sources: ZDI: ZDI-15-155 // BID: 74330 // CNNVD: CNNVD-201504-581

SOURCES

db:	ZDI	id:	ZDI-15-155
db:	VULHUB	id:	VHN-76306
db:	VULMON	id:	CVE-2014-8361
db:	BID	id:	74330
db:	JVNDB	id:	JVNDB-2021-000008
db:	JVNDB	id:	JVNDB-2014-008039
db:	JVNDB	id:	JVNDB-2017-000194
db:	CNNVD	id:	CNNVD-201504-581
db:	NVD	id:	CVE-2014-8361

LAST UPDATE DATE

2024-08-14T13:54:14.448000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-15-155	date:	2015-04-24T00:00:00
db:	VULHUB	id:	VHN-76306	date:	2019-08-14T00:00:00
db:	VULMON	id:	CVE-2014-8361	date:	2023-09-05T00:00:00
db:	BID	id:	74330	date:	2015-05-07T18:22:00
db:	JVNDB	id:	JVNDB-2021-000008	date:	2021-01-26T03:12:23
db:	JVNDB	id:	JVNDB-2014-008039	date:	2015-05-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-000194	date:	2024-07-02T08:54:00
db:	CNNVD	id:	CNNVD-201504-581	date:	2021-04-12T00:00:00
db:	NVD	id:	CVE-2014-8361	date:	2024-06-27T18:35:21.117

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-15-155	date:	2015-04-24T00:00:00
db:	VULHUB	id:	VHN-76306	date:	2015-05-01T00:00:00
db:	VULMON	id:	CVE-2014-8361	date:	2015-05-01T00:00:00
db:	BID	id:	74330	date:	2015-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2021-000008	date:	2021-01-26T03:12:23
db:	JVNDB	id:	JVNDB-2014-008039	date:	2015-05-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-000194	date:	2017-08-08T00:00:00
db:	CNNVD	id:	CNNVD-201504-581	date:	2015-04-29T00:00:00
db:	NVD	id:	CVE-2014-8361	date:	2015-05-01T15:59:01.287